Mga Pahina

Saturday, January 20, 2024

Security Surprises On Firefox Quantum

This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser  was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:


Firefox Quantum version:



The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip




The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.




Related posts
  1. Hack Rom Tools
  2. Hacking Apps
  3. Hacking Tools For Windows 7
  4. Pentest Tools Apk
  5. Hacker Tools For Mac
  6. Hack Apps
  7. Pentest Tools For Mac
  8. Hacker Tools For Ios
  9. Pentest Tools Open Source
  10. World No 1 Hacker Software
  11. New Hack Tools
  12. Hacking Tools For Windows Free Download
  13. Hacking Tools For Games
  14. Pentest Tools Bluekeep
  15. Hacking Tools For Kali Linux
  16. Pentest Tools Website Vulnerability
  17. Hacking Apps
  18. Hacker Tools Free
  19. Blackhat Hacker Tools
  20. Hacking Tools For Mac
  21. Pentest Tools Subdomain
  22. Hack Tools Download
  23. Hacking Tools 2019
  24. Hack Tools Download
  25. Hacking Tools Download
  26. Hack Tools Online
  27. Black Hat Hacker Tools
  28. Pentest Box Tools Download
  29. Game Hacking
  30. Hacks And Tools
  31. Hack Tools For Pc
  32. Hacking Tools For Mac
  33. What Are Hacking Tools
  34. Hacks And Tools
  35. Pentest Tools
  36. Hacker Tools Software
  37. Bluetooth Hacking Tools Kali
  38. Hacker Hardware Tools
  39. Hacker Tools Mac
  40. Hacker Techniques Tools And Incident Handling
  41. Hacking Tools Name
  42. Pentest Tools Apk
  43. Hack Tools Github
  44. Hacker Security Tools
  45. Pentest Recon Tools
  46. Pentest Tools Review
  47. Hacking Tools Free Download
  48. Pentest Tools For Windows
  49. Hacker Techniques Tools And Incident Handling
  50. Github Hacking Tools
  51. Hack Tool Apk No Root
  52. Hack Tools Github
  53. Nsa Hacker Tools
  54. Ethical Hacker Tools
  55. Pentest Tools Apk
  56. Wifi Hacker Tools For Windows
  57. Hack Website Online Tool
  58. Hacker Tools For Ios
  59. Hacking Tools
  60. Pentest Tools Apk
  61. Blackhat Hacker Tools
  62. Pentest Tools Apk
  63. Best Pentesting Tools 2018
  64. Hacking Tools Github
  65. Hack Tool Apk No Root
  66. Hacking Tools 2020
  67. Hacking Tools And Software
  68. Hack Website Online Tool
  69. Hak5 Tools
  70. Hacker Techniques Tools And Incident Handling
  71. Pentest Tools Find Subdomains
  72. Pentest Tools Free
  73. Pentest Tools For Windows
  74. Pentest Tools Android
  75. Pentest Tools Windows
  76. Hackrf Tools
  77. Pentest Tools Website
  78. Pentest Tools Framework
  79. Hacker Tools List
  80. Hacking Tools For Kali Linux
  81. Hack Rom Tools
  82. Nsa Hacker Tools
  83. Pentest Recon Tools
  84. How To Hack
  85. Pentest Tools List
  86. Hack App
  87. Hacking Tools Windows 10
  88. Hacker Tools Software
  89. Pentest Tools Android
  90. Hacking Tools Kit
  91. Best Hacking Tools 2020
  92. Hacking Tools Name
  93. What Is Hacking Tools
  94. Pentest Tools Url Fuzzer
  95. Hacking Apps
  96. Pentest Tools Bluekeep
  97. Pentest Tools For Ubuntu
  98. Hacking Tools Windows
  99. Pentest Tools Review
  100. Hack Tools Github
  101. Hackers Toolbox
  102. Hack Tools Mac
  103. Hacker Tools For Windows
  104. Game Hacking
  105. Android Hack Tools Github
  106. Hacking Tools Free Download
  107. New Hack Tools
  108. Pentest Tools Find Subdomains
  109. Pentest Tools Open Source
  110. Pentest Tools Subdomain
  111. Hack Apps
  112. Free Pentest Tools For Windows
  113. Pentest Automation Tools
  114. Hacking Tools Software
  115. New Hack Tools
  116. Hack Tools For Windows
  117. Pentest Tools For Mac
  118. How To Make Hacking Tools
  119. How To Make Hacking Tools
  120. Hacker Search Tools
  121. Pentest Tools Linux
  122. Hack Website Online Tool
  123. Pentest Tools Download
  124. Physical Pentest Tools
  125. Pentest Tools Kali Linux
  126. Hack Tools For Pc
  127. Hackers Toolbox
  128. Hacking Tools Online
  129. Hacker Search Tools
  130. Hacker Tools Free Download
  131. Pentest Tools Bluekeep
  132. Hacking Tools For Kali Linux
  133. Best Hacking Tools 2020
  134. Hack Tools Mac
  135. Hacker Tools Free Download
  136. Hacker Tools 2020
  137. Hacking Apps
  138. How To Install Pentest Tools In Ubuntu
  139. Blackhat Hacker Tools
  140. Game Hacking
  141. Pentest Tools Website Vulnerability
  142. Nsa Hacker Tools
  143. Hacking Tools For Games
  144. Black Hat Hacker Tools
  145. Hacking Tools Software
  146. Physical Pentest Tools
  147. Free Pentest Tools For Windows
  148. Hacker Tools For Windows
  149. Hacker Hardware Tools
  150. Tools 4 Hack
  151. Hacking Tools Online
  152. Hacker Tools Free Download
  153. What Are Hacking Tools
  154. Pentest Tools For Ubuntu
  155. Hacker
  156. Pentest Tools Nmap
  157. What Are Hacking Tools
  158. Hacker Tools For Windows
  159. Termux Hacking Tools 2019
  160. Hacker Tools Online
  161. Hack Tools For Mac
  162. Computer Hacker
  163. Hacking Tools Download
  164. Hack Tools Github
  165. Pentest Tools For Mac
  166. Hacker Tools For Windows
  167. Hack Tools For Pc
  168. Bluetooth Hacking Tools Kali
  169. Beginner Hacker Tools
  170. Github Hacking Tools
  171. Hacks And Tools
  172. Hack Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)